1 /*
2  * Copyright (C) the libgit2 contributors. All rights reserved.
3  *
4  * This file is part of libgit2, distributed under the GNU GPL v2 with
5  * a Linking Exception. For full terms see the included COPYING file.
6  */
7 /**
8  * License: GPL-2.0(Linking Exception)
9  */
10 module libgit2.cert;
11 
12 
13 /*
14  * @file git2/cert.h
15  * @brief Git certificate objects
16  * @defgroup git_cert Certificate objects
17  * @ingroup Git
18  * @{
19  */
20 extern (C):
21 nothrow @nogc:
22 public:
23 
/**
 * Discriminator for the host certificate structure that is handed to the
 * certificate check callback.
 *
 * `git_cert.cert_type` carries one of these values; a callback should
 * compare it before treating the pointer as a more specific structure.
 */
enum git_cert_t
{
	/**
	 * Nothing is known about the certificate. This may happen when
	 * using curl.
	 */
	GIT_CERT_NONE = 0,

	/**
	 * The `data` argument to the callback will be a pointer to
	 * the DER-encoded data.
	 *
	 * NOTE(review): the callback declared in this module takes `cert`,
	 * not `data`; presumably the DER bytes are reached through
	 * `git_cert_x509.data` / `len` - confirm against the C header.
	 */
	GIT_CERT_X509 = 1,

	/**
	 * The `data` argument to the callback will be a pointer to a
	 * `git_cert_hostkey` structure.
	 */
	GIT_CERT_HOSTKEY_LIBSSH2 = 2,

	/**
	 * The `data` argument to the callback will be a pointer to a
	 * `git_strarray` of `name:content` strings describing the
	 * certificate. This is used when using curl.
	 */
	GIT_CERT_STRARRAY = 3,
}
55 
// Module-level names matching the C declarations: each constant below is
// the git_cert_t member of the same name, usable without the enum prefix.
enum GIT_CERT_NONE = .git_cert_t.GIT_CERT_NONE;
enum GIT_CERT_X509 = .git_cert_t.GIT_CERT_X509;
enum GIT_CERT_HOSTKEY_LIBSSH2 = .git_cert_t.GIT_CERT_HOSTKEY_LIBSSH2;
enum GIT_CERT_STRARRAY = .git_cert_t.GIT_CERT_STRARRAY;
64 
/**
 * Common header shared by `git_cert_hostkey` and `git_cert_x509`.
 *
 * Both of those structures begin with a `git_cert parent` field, so
 * `cert_type` is the field to check before a `git_cert*` is reinterpreted
 * as one of them.
 */
struct git_cert
{
	/**
	 * Which kind of certificate this is: one of the `GIT_CERT_` values.
	 */
	.git_cert_t cert_type;
}
75 
/**
 * Signature of a user-supplied certificate check.
 *
 * Returns: 0 to proceed with the connection, < 0 to fail the connection or > 0 to indicate that the callback refused to act and that the existing validity determination should be honored
 */
/*
 * Params:
 *      cert = The host certificate; read `cert_type` before treating it as a `git_cert_hostkey` or `git_cert_x509`
 *      valid = Whether the libgit2 checks (OpenSSL or WinHTTP) think this certificate is valid
 *      host = Hostname of the host libgit2 connected to
 *      payload = Payload provided by the caller
 *
 * NOTE(review): as documented above, returning 0 proceeds with the
 * connection, so an implementation that returns 0 without looking at
 * `valid` or `cert` would accept a certificate the built-in checks
 * rejected. Returning > 0 keeps the built-in verdict; < 0 refuses.
 * The text only names OpenSSL and WinHTTP, so what `valid` reports for
 * SSH host keys is not stated here - confirm for the libgit2 version in use.
 */
alias git_transport_certificate_check_cb = int function(
	.git_cert* cert,
	int valid,
	const (char)* host,
	void* payload
);
89 
/**
 * Kinds of SSH host fingerprint data.
 *
 * Each member is a single bit; `git_cert_hostkey.type` combines them into
 * a mask naming the fields of that structure which are available.
 *
 * NOTE(review): MD5 and SHA-1 are no longer collision-resistant. Where
 * the SHA-256 digest or the raw key is offered, verification should pin
 * against one of those rather than the older digests.
 */
enum git_cert_ssh_t
{
	/**
	 * An MD5 digest is available
	 */
	GIT_CERT_SSH_MD5 = 0x01,

	/**
	 * A SHA-1 digest is available
	 */
	GIT_CERT_SSH_SHA1 = 0x02,

	/**
	 * A SHA-256 digest is available
	 */
	GIT_CERT_SSH_SHA256 = 0x04,

	/**
	 * The raw hostkey is available
	 */
	GIT_CERT_SSH_RAW = 0x08,
}
115 
// Module-level names matching the C declarations: each constant below is
// the git_cert_ssh_t member of the same name, usable without the enum prefix.
enum GIT_CERT_SSH_MD5 = .git_cert_ssh_t.GIT_CERT_SSH_MD5;
enum GIT_CERT_SSH_SHA1 = .git_cert_ssh_t.GIT_CERT_SSH_SHA1;
enum GIT_CERT_SSH_SHA256 = .git_cert_ssh_t.GIT_CERT_SSH_SHA256;
enum GIT_CERT_SSH_RAW = .git_cert_ssh_t.GIT_CERT_SSH_RAW;
124 
/**
 * Key algorithm of a raw SSH hostkey, as stored in
 * `git_cert_hostkey.raw_type`.
 */
enum git_cert_ssh_raw_type_t
{
	/**
	 * The type of the raw key is not known.
	 */
	GIT_CERT_SSH_RAW_TYPE_UNKNOWN = 0,

	/**
	 * The raw key is an RSA key.
	 */
	GIT_CERT_SSH_RAW_TYPE_RSA = 1,

	/**
	 * The raw key is a DSS key.
	 */
	GIT_CERT_SSH_RAW_TYPE_DSS = 2,

	/**
	 * The raw key is an ECDSA 256 key.
	 */
	GIT_CERT_SSH_RAW_TYPE_KEY_ECDSA_256 = 3,

	/**
	 * The raw key is an ECDSA 384 key.
	 */
	GIT_CERT_SSH_RAW_TYPE_KEY_ECDSA_384 = 4,

	/**
	 * The raw key is an ECDSA 521 key.
	 */
	GIT_CERT_SSH_RAW_TYPE_KEY_ECDSA_521 = 5,

	/**
	 * The raw key is an ED25519 key.
	 */
	GIT_CERT_SSH_RAW_TYPE_KEY_ED25519 = 6,
}
162 
// Module-level names matching the C declarations: each constant below is
// the git_cert_ssh_raw_type_t member of the same name, usable without the
// enum prefix.
enum GIT_CERT_SSH_RAW_TYPE_UNKNOWN = .git_cert_ssh_raw_type_t.GIT_CERT_SSH_RAW_TYPE_UNKNOWN;
enum GIT_CERT_SSH_RAW_TYPE_RSA = .git_cert_ssh_raw_type_t.GIT_CERT_SSH_RAW_TYPE_RSA;
enum GIT_CERT_SSH_RAW_TYPE_DSS = .git_cert_ssh_raw_type_t.GIT_CERT_SSH_RAW_TYPE_DSS;
enum GIT_CERT_SSH_RAW_TYPE_KEY_ECDSA_256 = .git_cert_ssh_raw_type_t.GIT_CERT_SSH_RAW_TYPE_KEY_ECDSA_256;
enum GIT_CERT_SSH_RAW_TYPE_KEY_ECDSA_384 = .git_cert_ssh_raw_type_t.GIT_CERT_SSH_RAW_TYPE_KEY_ECDSA_384;
enum GIT_CERT_SSH_RAW_TYPE_KEY_ECDSA_521 = .git_cert_ssh_raw_type_t.GIT_CERT_SSH_RAW_TYPE_KEY_ECDSA_521;
enum GIT_CERT_SSH_RAW_TYPE_KEY_ED25519 = .git_cert_ssh_raw_type_t.GIT_CERT_SSH_RAW_TYPE_KEY_ED25519;
174 
/**
 * SSH hostkey information taken from libssh2.
 *
 * `type` is a bitmask saying which of the remaining fields are available;
 * a field whose bit is not set should not be relied on.
 */
struct git_cert_hostkey
{
	/**
	 * The parent cert
	 */
	.git_cert parent;

	/**
	 * Bitmask of `git_cert_ssh_t` values naming the available fields.
	 * Defaults to no bits set.
	 */
	.git_cert_ssh_t type = cast(.git_cert_ssh_t) 0;

	/**
	 * MD5 hash of the hostkey. Available when `type` has
	 * `GIT_CERT_SSH_MD5` set.
	 */
	ubyte[16] hash_md5;

	/**
	 * SHA-1 hash of the hostkey. Available when `type` has
	 * `GIT_CERT_SSH_SHA1` set.
	 */
	ubyte[20] hash_sha1;

	/**
	 * SHA-256 hash of the hostkey. Available when `type` has
	 * `GIT_CERT_SSH_SHA256` set.
	 */
	ubyte[32] hash_sha256;

	/**
	 * Type of the raw hostkey. Available when `type` has
	 * `GIT_CERT_SSH_RAW` set.
	 */
	.git_cert_ssh_raw_type_t raw_type;

	/**
	 * Pointer to the raw contents of the hostkey. Available when `type`
	 * has `GIT_CERT_SSH_RAW` set.
	 *
	 * NOTE(review): nothing here says the buffer is NUL-terminated;
	 * treat it as `hostkey_len` bytes rather than as a C string.
	 */
	const (char)* hostkey;

	/**
	 * Length of the raw contents of the hostkey. Available when `type`
	 * has `GIT_CERT_SSH_RAW` set.
	 */
	size_t hostkey_len;
}
226 
/**
 * X.509 certificate information.
 *
 * Begins with a `git_cert parent`, whose `cert_type` identifies the
 * structure.
 */
struct git_cert_x509
{
	/**
	 * The parent cert
	 */
	.git_cert parent;

	/**
	 * Pointer to the X.509 certificate data
	 */
	void* data;

	/**
	 * Length of the memory block pointed to by `data`; reads through
	 * `data` should stay within this many bytes.
	 */
	size_t len;
}
247 
248 /* @} */